/[adm]/puppet/modules/postgresql/manifests/init.pp
ViewVC logotype

Contents of /puppet/modules/postgresql/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1279 - (show annotations) (download)
Tue Mar 8 11:54:32 2011 UTC (13 years, 1 month ago) by misc
File size: 3754 byte(s) 
add the start of a tagging system for exported db ( so we can have more than one db server )
1 class postgresql {
2 class server {
3 $pgsql_data = "/var/lib/pgsql/data/"
4 $pg_version = '9.0'
5
6 # missing requires is corrected in cooker,
7 # should be removed
8 # once the fix is in a stable release
9 package { "postgresql$pg_version-plpgsql":
10 alias => "postgresql-plpgsql",
11 ensure => installed,
12 }
13
14 package { "postgresql$pg_version-server":
15 alias => "postgresql-server",
16 ensure => installed,
17 require => Package['postgresql-plpgsql'],
18 }
19
20 service { postgresql:
21 ensure => running,
22 subscribe => Package["postgresql-server"],
23 hasstatus => true,
24 }
25
26 exec { "service postgresql reload":
27 refreshonly => true,
28 subscribe => [ File["postgresql.conf"],
29 File["pg_ident.conf"],
30 File["pg_hba.conf"] ]
31 }
32
33 openssl::self_signed_splitted_cert { "pgsql.$domain":
34 filename => "server",
35 directory => $pgsql_data,
36 owner => "postgres",
37 group => "postgres",
38 require => Package['postgresql-server']
39 }
40
41
42 file { '/etc/pam.d/postgresql':
43 ensure => present,
44 owner => root,
45 group => root,
46 mode => 644,
47 content => template("postgresql/pam"),
48 }
49
50 file { "postgresql.conf":
51 path => "$pgsql_data/postgresql.conf",
52 ensure => present,
53 owner => postgres,
54 group => postgres,
55 mode => 600,
56 content => template("postgresql/postgresql.conf"),
57 require => Package["postgresql-server"],
58 }
59
60 # TODO use augeas to manage this file once augeas 0.7.4 is installed
61 # on our server, as this would allow use to autodeclare database in it without
62 # much trouble
63 file { 'pg_hba.conf':
64 path => "$pgsql_data/pg_hba.conf",
65 ensure => present,
66 owner => postgres,
67 group => postgres,
68 mode => 600,
69 content => template("postgresql/pg_hba.conf"),
70 require => Package["postgresql-server"],
71 }
72
73 file { 'pg_ident.conf':
74 path => "$pgsql_data/pg_ident.conf",
75 ensure => present,
76 owner => postgres,
77 group => postgres,
78 mode => 600,
79 content => template("postgresql/pg_ident.conf"),
80 require => Package["postgresql-server"],
81 }
82 }
83
84 define tagged() {
85 # TODO add a system of tag so we can declare database on more than one
86 # server
87 Postgresql::User <<| tag == $name |>>
88 Postgresql::Database <<| tag == $name |>>
89 }
90
91
92 # TODO convert it to a regular type ( so we can later change user and so on )
93 define database($description="", $user="postgres") {
94 exec { "createdb -O $user -U postgres $name '$description'":
95 user => root,
96 unless => "psql -A -t -U postgres -l | grep '^$name|'",
97 require => Service['postgresql'],
98 }
99 }
100
101 # TODO convert to a regular type, so we can later change password without erasing the
102 # current user
103 define user($password) {
104 $sql = "CREATE ROLE $name ENCRYPTED PASSWORD '\$pass' NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN;"
105
106 exec { "psql -U postgres -c \"$sql\" ":
107 user => root,
108 environment => "pass=$password",
109 unless => "psql -A -t -U postgres -c '\du $name' | grep '$name'",
110 require => Service['postgresql'],
111 }
112 }
113 }
  ViewVC Help
Powered by ViewVC 1.1.30